How to train practically

Create a local lab: VirtualBox/VMware + Kali images + vulnerable Windows VM (like Metasploitable or a VM designed for exercises).

Use interactive learning platforms: TryHackMe and HackTheBox (many of which are suitable for beginners).

Practice on small scenarios: network scanning (Nmap) → packet analysis (Wireshark) → vulnerability scanning (OpenVAS) → exploitation attempt (Metasploit) → setting up detection/rules (Snort).

Participate in weekly CTFs to apply skills under time and task constraints.